Risky Bulletin Risky Bulletin: New APT group turns out to be a phishing test
26 snips
Sep 8, 2025 Discover the deception behind a new APT group that turns out to be just a phishing test. Learn how Qantas responds to a breach by cutting executive bonuses. Explore the implications of Anthropic halting AI tool sales to Chinese firms. Plus, find out why Nepal has blocked 26 social media sites. This engaging discussion tackles the ever-changing landscape of cybersecurity and corporate responsibility.
AI Snips
Chapters
Transcript
Episode notes
Phishing Test Misidentified As APT
- A reported new Russian APT named Noisy Bear was actually an internal phishing training campaign.
- Sekright misattributed a planned exercise as a real espionage operation, highlighting attribution risks.
Link Bonuses To Security Outcomes
- Qantas reduced executive bonuses after a security breach to signal accountability.
- Organizations should tie executive remuneration to security outcomes to incentivize better practices.
Small Breach Percentages Scale Big
- Wealthsimple confirmed a third-party software compromise exposed customer data.
- Even small percentages of affected users can translate to hundreds of thousands of records when user bases are large.